(sessionId: string, gen: number)
| 163 | } |
| 164 | |
| 165 | async function doRefresh(sessionId: string, gen: number): Promise<void> { |
| 166 | let oauthToken: string | undefined |
| 167 | try { |
| 168 | oauthToken = await getAccessToken() |
| 169 | } catch (err) { |
| 170 | logForDebugging( |
| 171 | `[${label}:token] getAccessToken threw for sessionId=${sessionId}: ${errorMessage(err)}`, |
| 172 | { level: 'error' }, |
| 173 | ) |
| 174 | } |
| 175 | |
| 176 | // If the session was cancelled or rescheduled while we were awaiting, |
| 177 | // the generation will have changed — bail out to avoid orphaned timers. |
| 178 | if (generations.get(sessionId) !== gen) { |
| 179 | logForDebugging( |
| 180 | `[${label}:token] doRefresh for sessionId=${sessionId} stale (gen ${gen} vs ${generations.get(sessionId)}), skipping`, |
| 181 | ) |
| 182 | return |
| 183 | } |
| 184 | |
| 185 | if (!oauthToken) { |
| 186 | const failures = (failureCounts.get(sessionId) ?? 0) + 1 |
| 187 | failureCounts.set(sessionId, failures) |
| 188 | logForDebugging( |
| 189 | `[${label}:token] No OAuth token available for refresh, sessionId=${sessionId} (failure ${failures}/${MAX_REFRESH_FAILURES})`, |
| 190 | { level: 'error' }, |
| 191 | ) |
| 192 | logForDiagnosticsNoPII('error', 'bridge_token_refresh_no_oauth') |
| 193 | // Schedule a retry so the refresh chain can recover if the token |
| 194 | // becomes available again (e.g. transient cache clear during refresh). |
| 195 | // Cap retries to avoid spamming on genuine failures. |
| 196 | if (failures < MAX_REFRESH_FAILURES) { |
| 197 | const retryTimer = setTimeout( |
| 198 | doRefresh, |
| 199 | REFRESH_RETRY_DELAY_MS, |
| 200 | sessionId, |
| 201 | gen, |
| 202 | ) |
| 203 | timers.set(sessionId, retryTimer) |
| 204 | } |
| 205 | return |
| 206 | } |
| 207 | |
| 208 | // Reset failure counter on successful token retrieval |
| 209 | failureCounts.delete(sessionId) |
| 210 | |
| 211 | logForDebugging( |
| 212 | `[${label}:token] Refreshing token for sessionId=${sessionId}: new token prefix=${oauthToken.slice(0, 15)}…`, |
| 213 | ) |
| 214 | logEvent('tengu_bridge_token_refreshed', {}) |
| 215 | onRefresh(sessionId, oauthToken) |
| 216 | |
| 217 | // Schedule a follow-up refresh so long-running sessions stay authenticated. |
| 218 | // Without this, the initial one-shot timer leaves the session vulnerable |
| 219 | // to token expiry if it runs past the first refresh window. |
| 220 | const timer = setTimeout( |
| 221 | doRefresh, |
| 222 | FALLBACK_REFRESH_INTERVAL_MS, |
no test coverage detected